Demoting Domain Controller 2012- Need help!!

Hi!
I hve a BIG problem....
I have two DCs.
One is a physical machine(server 2012 std) and the other is virtual(server 2012 r2, on hyper-v).
The thing is that I need to demote the physical machine, which is also the HOST for the virtual machine(lack of resources..)
I have already transferred FSMO roles to the virtual DC and now it is the holder of all roles.
How do I safely demote the physical DC without causing any problem to the virtual DC?
Thank you! 
Moriya Saadon

Hello,
there is no risk having only VM DCs. The bigger risk is having just a single DC/DNS/GC. There are reason for physical DCs but a domain can run without it.
Please post an unedited ipconfig /all from BOTH DCs so we can verify some settings.
Best regards
Meinolf Weber
MVP, MCP, MCTS
Microsoft MVP - Directory Services
My Blog: http://blogs.msmvps.com/MWeber
Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.
Twitter:  

Similar Messages

  • Move Windows Domain Controller 2012 to other Windows Domain Controller 2012 eniveroment

    Dear All,
    I Have Windows Domain Controller 2012 and but this server have a lot of issue so I need to ask you if I can move this server to other new server as is old server if yes can you please guide me how to do that ?
    Regards, 

    Hello Khaleel,
    Your question doesnt specify what kind of errors are there on DC 2012. Try to resolve those errors.
    Incase the server cannot be remediated, you can demote the server from being a DC.
    you can demote the server using:
    http://terrytlslau.tls1.cc/2012/03/domain-controller-demotion-on-windows.html
    Please ensure, there is another DC in the domain and the FSMO roles , GC have been transferred to another server.
    http://support.microsoft.com/kb/223346/en-us
    http://www.archy.net/windows-server-2012-migrating-fsmo-roles/
    I LOVE MS..... Thanks and Regards, Kshitiz (Posting is provided "AS IS" with no warranties, and confers no rights.)

  • Help with setting up active directory domain controller/DNS - need this for Clustering

    Disclaimer: I am new to Active Directory, so please dont rule out the obvious things I may have overlooked.
    I need to set up Active Directory Domain controller on at least one server so I can run clustering. I set up the domain controller and ran Cluster validation and that failed - unable to reach writable domain controller.
    When I look at my server manager AD DS complain about DNS:
    NASE-2012-234    4015    Error    Microsoft-Windows-DNS-Server-Service    DNS Server    1/14/2014 12:54:06 AM
    The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "". The event data contains the error.
    When I click on DNS this is the error:
    The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "". The event data contains the error.
    Output of DCDiag -v is below.
    PS C:\Users\Administrator> dcdiag -v
    Directory Server Diagnosis
    Performing initial setup:
       Trying to find home server...
       * Verifying that the local machine NASE-2012-234, is a Directory Server.
       Home Server = NASE-2012-234
       * Connecting to directory service on server NASE-2012-234.
       * Identified AD Forest.
       Collecting AD specific global data
       * Collecting site info.
       Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=lab,DC=nase,DC=com,LDAP_SCOPE_SUBTREE,(objectCategory=
    ntDSSiteSettings),.......
       The previous call succeeded
       Iterating through the sites
       Looking at base site object: CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=lab,DC=nas
    e,DC=com
       Getting ISTG and options for the site
       * Identifying all servers.
       Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=lab,DC=nase,DC=com,LDAP_SCOPE_SUBTREE,(objectClass=ntD
    SDsa),.......
       The previous call succeeded....
       The previous call succeeded
       Iterating through the list of servers
       Getting information for the server CN=NTDS Settings,CN=NASE-2012-234,CN=Servers,CN=Default-First-Site-Name,CN=Sites,C
    N=Configuration,DC=lab,DC=nase,DC=com
       objectGuid obtained
       InvocationID obtained
       dnsHostname obtained
       site info obtained
       All the info for the server collected
       * Identifying all NC cross-refs.
       * Found 1 DC(s). Testing 1 of them.
       Done gathering initial info.
    Doing initial required tests
       Testing server: Default-First-Site-Name\NASE-2012-234
          Starting test: Connectivity
             * Active Directory LDAP Services Check
             The host c0c507c4-fb9b-49a6-9a01-ef79d7960c94._msdcs.lab.nasecom could not be resolved to an IP address.
             Check the DNS server, DHCP, server name, etc.
             Got error while checking LDAP and RPC connectivity. Please check your firewall settings.
             ......................... NASE-2012-234 failed test Connectivity
    Doing primary tests
       Testing server: Default-First-Site-Name\NASE-2012-234
          Skipping all tests, because server NASE-2012-234 is not responding to directory service requests.
          Test omitted by user request: Advertising
          Test omitted by user request: CheckSecurityError
          Test omitted by user request: CutoffServers
          Test omitted by user request: FrsEvent
          Test omitted by user request: DFSREvent
          Test omitted by user request: SysVolCheck
          Test omitted by user request: KccEvent
          Test omitted by user request: KnowsOfRoleHolders
          Test omitted by user request: MachineAccount
          Test omitted by user request: NCSecDesc
          Test omitted by user request: NetLogons
          Test omitted by user request: ObjectsReplicated
          Test omitted by user request: OutboundSecureChannels
          Test omitted by user request: Replications
          Test omitted by user request: RidManager
          Test omitted by user request: Services
          Test omitted by user request: SystemLog
          Test omitted by user request: Topology
          Test omitted by user request: VerifyEnterpriseReferences
          Test omitted by user request: VerifyReferences
          Test omitted by user request: VerifyReplicas
          Test omitted by user request: DNS
          Test omitted by user request: DNS
       Running partition tests on : ForestDnsZones
          Starting test: CheckSDRefDom
             ......................... ForestDnsZones passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... ForestDnsZones passed test CrossRefValidation
       Running partition tests on : DomainDnsZones
          Starting test: CheckSDRefDom
             ......................... DomainDnsZones passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... DomainDnsZones passed test CrossRefValidation
       Running partition tests on : Schema
          Starting test: CheckSDRefDom
             ......................... Schema passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... Schema passed test CrossRefValidation
       Running partition tests on : Configuration
          Starting test: CheckSDRefDom
             ......................... Configuration passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... Configuration passed test CrossRefValidation
       Running partition tests on : lab
          Starting test: CheckSDRefDom
             ......................... lab passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... lab passed test CrossRefValidation
       Running enterprise tests on : lab.nasecom
          Test omitted by user request: DNS
          Test omitted by user request: DNS
          Starting test: LocatorCheck
             GC Name: \\NASE-2012-234.lab.nasecom
             Locator Flags: 0xe000f3fd
             PDC Name: \\NASE-2012-234.lab.nasecom
             Locator Flags: 0xe000f3fd
             Time Server Name: \\NASE-2012-234.lab.nasecom
             Locator Flags: 0xe000f3fd
             Preferred Time Server Name: \\NASE-2012-234.lab.nasecom
             Locator Flags: 0xe000f3fd
             KDC Name: \\NASE-2012-234.lab.nasecom
             Locator Flags: 0xe000f3fd
             ......................... lab.nase.com passed test LocatorCheck
          Starting test: Intersite
             Skipping site Default-First-Site-Name, this site is outside the scope provided by the command line arguments
             provided.
             ......................... lab.nasecom passed test Intersite
    PS C:\Users\Administrator>

    http://social.technet.microsoft.com/Forums/en-US/home?forum=winserverDS is the forum for Directory Services questions.  You might want to post your question there.
    .:|:.:|:. tim

  • Hyper-V Guest Cannot Find Host Domain Controller 2012 R2

    Poweredge T320 server as a Domain Controller,  file server and an EXCHANGE 2010 server. There are no other servers at the site. 
    DHCP is from the firewall.   The DC and the file server will be on the host. 
    The 2010 EXCHANGE server will be on the guest.  The Hyper-V 
    2012 R2 server cannot see the Domain Controller on the host 2012 R2 server. 
    The Active Directory is requesting to be promoted to a Domain Controller.  
    I have a logical or physical error in the installation. 
    It is asking to promote the  Hyper-V guest 2012 R2 to a Domain Controller. 
    I believe I should have only one  Domain Controller in this application.  
    After the Hyper-V guest can see the host domain controller I will install EXCHANGE 2010.
    This is a test environment, offsite.
    NIC1 – Host IP:192.168.1.130, 255.255.255.0, Gateway:192.168.1.1, DNS:127.0.0.1
    NIC2- Only Hyper-V switch checked
    Virtual Switch: 192.168.1.140, 255.255.255.0, Gateway: Blank, DNS: Was 127.0.0.1 didn’t work so I pointed it to the host, 192.168.1.130, but that didn’t work either.
    Host adapter: IP:192.168.1.150, 255.255.255.0, 192.168.1.1, DNS Pointing to HOST:162.168.1.130
    Active Directory and DNS installed on the guest.
    Removed IPv6 from both NICs without any change.
    IPAM is not installed on the host or the guest.
    Several articles in Internet search didn’t help.
    Thanks for your help.

    Hi Steve,
    I suggest referring to the following links:
    REMOTEFX, WINDOWS SERVER & HYPER-V SERVER
    http://blogs.technet.com/b/puneetvig/archive/2011/04/21/remotefx-windows-server-amp-hyper-v-server.aspx
    RemoteFX (with Hyper-V) is a serious business tool. For games.
    http://blogs.technet.com/b/tristank/archive/2012/02/17/remotefx-with-hyper-v-is-a-serious-business-tool-for-games.aspx
    Best Regards,
    Vincent Wu
    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

  • Have new domain and host need help publishing!

    It has been a while since I last used iWeb. I have bought a new domain name to replace the old one and I have bought a host. I think I have it all typed in correctly and I hit test connection and it says it couldn't connect try again later. What am I missing? Any help would be so awesome!

    ok i will type word for word what i have in my iWeb site publishing settings....
    publish to: FTP Server
    sitename: www.coolecreations.com
    email: my e-mail
    FTP SETTINGS:
    Server address: coolecreations.com
    username: my username
    password: my password
    directory/path: blank
    protocol:FTP   Port:21
    Website URL:
    http://www.coolecreations.com
    when i hit publish i get this message:
    A connection to coolecreations.com couldn't be established. Verify your settings and try again.

  • Flash pro cc xul controlls jsfl need help

    Hello all
    i had used flash cs for a while and was using lots of downloaded jsfl commands that would help me speed up work
    Switched to cc lately and those commands do not work
    heres a code of one of not working commands.
    dialog buttons="accept, cancel" title="Search and Replace v1.0">
    <grid>
    <columns>
        <column />
        <column />
    </columns>
    <rows>
        <row>
        <label control="searchFor" value="Search For:" />
            <textbox id="searchFor" value="" />
        </row>
        <row>
        <label control="replaceWith" value="Replace With:" />
            <textbox id="replaceWith" value="" />
        </row>
        <spacer />
            <radiogroup id="searchType"/>
                <radio label="Search All Items" selected = "true" />
                <radio label="Search Selected Items" />
            </radiogroup>
    </grid>
    </dialog>
    Could you tell me what to modify so i can run this command under CC
    Thanks in advance

    sorry that was only the xml window code for the command
    the real code for the command is this:
    var doc = fl.getDocumentDOM();
    var lib = doc.library;
    var allItems = lib.items;
    var selItems = lib.getSelectedItems();
    var searchItems;
    var nameList
    var oldname;
    var newname;
    var xml = doc.xmlPanel(fl.configURI + "XULControls/SearchReplace.xml");
    if(xml.dismiss == 'accept'){
        var searchFor = xml.searchFor;
        var replaceWith = xml.replaceWith;
        if(xml.searchType == "Search Selected Items"){
            searchItems = selItems;
            nameList = removePath(true);
        }else{
            searchItems = allItems;
            nameList = removePath(false);
        if(searchItems.length == 0){
            alert("No Library items selected");
        }else{
            for(i = 0; i < searchItems.length; i++){
                oldname = nameList[i];
                newname = oldname.replace(searchFor, replaceWith);
                searchItems[i].name = newname;
    function removePath(bSelItems){
        if(bSelItems){
            libSelPath=fl.getDocumentDOM().library.getSelectedItems();
        }else{
            libSelPath=fl.getDocumentDOM().library.items;
        itemNames = new Array();
        for (a = 0; a < libSelPath.length; a++){
            charStart = libSelPath[a].name.lastIndexOf("/") + 1;
            itemNames[a] = libSelPath[a].name.substring(charStart);
        return itemNames;
    thx

  • Domain Name change need help

    Hi,
    My friend registered his website through your services and has his website as domainname.com but when you cick on it it goes to domainname.name.com.
    Not sure what he did wrong.
    How do we get it changed back to domainname.com?
    Thanks

    Hi Sidney,
    The website in speaking is:
    Mechanistlabs.com
    Thanks

  • Domain controller configuration in Cisco ACS 4.2

    Hi all,
    We are having a long pending ticket one of our customer has raised with us.
    Problem is related to cisco ACS version 4.2.
    Customer has raised a concern that while authenticating with the ACS requests are reaching to Secondary domain controller instead of Primary domain controller.
    We do not have the access of the physical server, but our server team have.
    We do have the Gui page access by http://<ACS IP>:2002
    In our ACS external data base is configured with the domain name, there is no IP related information for the Domain controller. I think that can be confiured in physical server. In short, we are having windows server and running ACS software on top of that.
    How can we proove this to the customer that requests for Network device authentication is going to Primary domain controller and not to the secondary domain controller.
    Please help us out. We tried before with Server team and given some command like %logonserver% and was indicating Primary domain controller IP. Is there any other way to prove this.
    Regards,
    Kalpesh Modi

    The  logs receiving is not in proper format .unable to understand the details in logs .Please find the below example
    "Feb 20 12:48:40 ACS0   CSCOacs_Passed_Authentications: 0000412469 3 0 2012-02-20 12:48:40.225 +04:00 0188387558 5200 NOTICE Passed-Authentication: Authentication succeeded, ACSVersion=acs-5.2.0.26-B.3075, ConfigVersionId=868, Device IP Address=x.x.x.x, UserName=frad.cole, Protocol=Radius, RequestLatency=24, NetworkDeviceName=dxb-palmj-pop-s93-bds1a, User-Name=frad.cole, NAS-IP-Address=x.x.x.x, NAS-Port=0, Service-Type=Administrative, Framed-Protocol=X.75 Synchronous, Framed-IP-Address=x.x.x.x, Login-IP-Host=x.x.x.x, NAS-Identifier=Dxb-PalmJ-POP-S93-BDS-1A, NAS-Port-Type=-1, NAS-Port-Id=slot=0\;subslot=0\;port=0\;vlanid=0, AcsSessionID=OACS0/109447559/11612656, AuthenticationIdentityStore=AD1, AuthenticationMethod=PAP_ASCII, SelectedAccessService=Radius Rules, SelectedAuthorizationProfiles=JUNIPER-Activation-Ent, SelectedAuthorizationProfiles=Radius-CiscoAVPair-lvl-1, IdentityGroup=IdentityGroup:All Groups:Migrated_Group:Enterprise-Activation, Step=11001 "
    Is there any other setting to get the logs in proper fromat .
    Do we need to change the "Facility Code:Local 6" to some other values .
    Kindly advice .

  • Secondary Domain Controller Not Authenticating Domain Users

    Hi.
    I have a primary domain controller running Win Srv 2012 in USA and i added a secondary domain controller 2012 in the same domain from a different location India, through VPN.so that India user accounts can authenticate by the secondary DC instead of primary
    DC USA
    Installation & replication of AD went fine
    India domain users login is damn slow.
    When i ran the command echo %logonserver% from a india client machine,it displays the USA Primary DC name which means its authenticating the users from USA primary DC.
    Preferred DNS for india client machine is Secondary DC IP and alternate is Primary DC IP USA.
    Please find the dcdiag results below and any help much appreciated
    Performing initial setup:
       Trying to find home server...
       Home Server = server2
       * Identified AD Forest.
       Done gathering initial info.
    Doing initial required tests
       Testing server: INDIA\server2
          Starting test: Connectivity
             ......................... server2 passed test Connectivity
    Doing primary tests
       Testing server: INDIA\server2
          Starting test: Advertising
       Warning: DsGetDcName returned information for \\server1.tst.mycompany.com, when we were trying to reach
       server2.
       SERVER IS NOT RESPONDING or IS NOT CONSIDERED SUITABLE.
             ......................... server2 failed test Advertising
          Starting test: FrsEvent
             ......................... server2 passed test FrsEvent
          Starting test: DFSREvent
             There are warning or error events within the last 24 hours after th
             replication problems may cause Group Policy problems.
             ......................... server2 failed test DFSREvent
          Starting test: SysVolCheck
             ......................... server2 passed test SysVolCheck
          Starting test: KccEvent
             ......................... server2 passed test KccEvent
          Starting test: KnowsOfRoleHolders
             ......................... server2 passed test KnowsOfRoleHolders
          Starting test: MachineAccount
             ......................... server2 passed test MachineAccount
          Starting test: NCSecDesc
             ......................... server2 passed test NCSecDesc
          Starting test: NetLogons
             Unable to connect to the NETLOGON share! (\\server2\netlogon)
             [server2] An net use or LsaPolicy operation failed with error 67,
             ......................... server2 failed test NetLogons
          Starting test: ObjectsReplicated
             ......................... server2 passed test ObjectsReplicated
          Starting test: Replications
             ......................... server2 passed test Replications
          Starting test: RidManager
             ......................... server2 passed test RidManager
          Starting test: Services
             ......................... server2 passed test Services
          Starting test: SystemLog
             A warning event occurred.  EventID: 0xA004001B
                Time Generated: 02/22/2015   17:10:30
                Event String: Intel(R) 82574L Gigabit Network Connection
             A warning event occurred.  EventID: 0x000727A5
                Time Generated: 02/22/2015   17:11:24
                Event String: The WinRM service is not listening for WS-Manageme
             An error event occurred.  EventID: 0x0000271A
                Time Generated: 02/22/2015   17:11:24
                Event String:
                The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not regist
             A warning event occurred.  EventID: 0xA004001B
                Time Generated: 02/22/2015   17:12:41
                Event String: Intel(R) 82574L Gigabit Network Connection
             A warning event occurred.  EventID: 0x000003F6
                Time Generated: 02/22/2015   17:19:36
                Event String:
                Name resolution for the name mycompany.com timed out after none
             A warning event occurred.  EventID: 0x00001796
                Time Generated: 02/22/2015   17:28:54
                Event String:
                Microsoft Windows Server has detected that NTLM authentication i
    his server. This event occurs once per boot of the server on the first time
             A warning event occurred.  EventID: 0x000727A5
                Time Generated: 02/22/2015   17:33:35
                Event String: The WinRM service is not listening for WS-Manageme
             A warning event occurred.  EventID: 0x00001796
                Time Generated: 02/22/2015   17:35:54
                Event String:
                Microsoft Windows Server has detected that NTLM authentication i
    his server. This event occurs once per boot of the server on the first time
             ......................... server2 failed test SystemLog
          Starting test: VerifyReferences
             ......................... server2 passed test VerifyReferences
       Running partition tests on : ForestDnsZones
          Starting test: CheckSDRefDom
             ......................... ForestDnsZones passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... ForestDnsZones passed test CrossRefValida
       Running partition tests on : DomainDnsZones
          Starting test: CheckSDRefDom
             ......................... DomainDnsZones passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... DomainDnsZones passed test CrossRefValida
       Running partition tests on : Schema
          Starting test: CheckSDRefDom
             ......................... Schema passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... Schema passed test CrossRefValidation
       Running partition tests on : Configuration
          Starting test: CheckSDRefDom
             ......................... Configuration passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... Configuration passed test CrossRefValidat
       Running partition tests on : tst
          Starting test: CheckSDRefDom
             ......................... tst passed test CheckSDRefDom
          Starting test: CrossRefValidation
             ......................... tst passed test CrossRefValidation
       Running enterprise tests on : tst.mycompany.com
          Starting test: LocatorCheck
             ......................... tst.mycompany.com passed test LocatorChec
          Starting test: Intersite
             ......................... tst.mycompany.com passed test Intersite

    Hi.
    I have a primary domain controller running Win Srv 2012 in USA and i added a secondary domain controller 2012 in the same domain from a different location India, through VPN.so that India user accounts can authenticate by the secondary DC instead of primary
    DC USA
    Installation & replication of AD went fine
    India domain users login is damn slow.
    When i ran the command echo %logonserver% from a india client machine,it displays the USA Primary DC name which means its authenticating the users from USA primary DC.
    Preferred DNS for india client machine is Secondary DC IP and alternate is Primary DC IP USA.
    Firstly make sure that you have configured sites and subnets correctly. According to your information which you have two locations, you should have at least 2 sites and 2 subnets associated to them. If you have forgotten to configure subnets of India in your
    site and services and assigned them to the India site you are experiencing this issue. Also make sure if clients in India has appropriate network connectivity to the domain controllers in India.
    Mahdi Tehrani   |  
      |  
    www.mahditehrani.ir
    Please click on Propose As Answer or to mark this post as
    and helpful for other people.
    This posting is provided AS-IS with no warranties, and confers no rights.
    How to query members of 'Local Administrators' group in all computers?

  • Having trouble promoting a server to a Child Domain Controller

    Hello,
    I am having promoting a 2012 server that's already a member of a domain to a child domain controller.  All of the prereq's are met.  When I try to promote it, it shows the steps being processed.  When it begins to replicate the parent domain's
    database, it runs all night and never completes.  Any Idea what's going on?
    Thanks
    John G.
    John Grace

    Hello,
    Just to let you know I can ftp, telnet, and map drives to gptsserver1.gpts.biz from gptsserver2.gpts.biz but can't promote gptsserver2.gpts.biz to a child domain controller.  Any help is appreciated.
    Here is the contents of dcpromo.log from gptsserver2.gpts.biz:
    08/13/2014 21:14:32 [INFO] Promotion request for domain controller of new domain
    08/13/2014 21:14:32 [INFO] DnsDomainName  gpts2.gpts.biz
    08/13/2014 21:14:32 [INFO] FlatDomainName  GPTS2
    08/13/2014 21:14:32 [INFO] SiteName  Default-First-Site-Name
    08/13/2014 21:14:32 [INFO] SystemVolumeRootPath  C:\Windows\SYSVOL
    08/13/2014 21:14:32 [INFO] DsDatabasePath  C:\Windows\NTDS, DsLogPath  C:\Windows\NTDS
    08/13/2014 21:14:32 [INFO] ParentDnsDomainName  gpts.biz
    08/13/2014 21:14:32 [INFO] ParentServer  gptsserver1.gpts.biz
    08/13/2014 21:14:32 [INFO] Account (NULL)
    08/13/2014 21:14:32 [INFO] Options  5243072
    08/13/2014 21:14:32 [INFO] Validate supplied paths
    08/13/2014 21:14:32 [INFO] Validating path C:\Windows\NTDS.
    08/13/2014 21:14:32 [INFO] Path is a directory
    08/13/2014 21:14:32 [INFO] Path is on a fixed disk drive.
    08/13/2014 21:14:32 [INFO] Validating path C:\Windows\NTDS.
    08/13/2014 21:14:32 [INFO] Path is a directory
    08/13/2014 21:14:32 [INFO] Path is on a fixed disk drive.
    08/13/2014 21:14:32 [INFO] Validating path C:\Windows\SYSVOL.
    08/13/2014 21:14:32 [INFO] Path is on a fixed disk drive.
    08/13/2014 21:14:32 [INFO] Path is on an NTFS volume
    08/13/2014 21:14:32 [INFO] Child domain creation -- check the new domain name is child of parent domain name.
    08/13/2014 21:14:32 [INFO] Domain Creation -- check that the flat name is unique.
    08/13/2014 21:14:42 [INFO] Start the worker task
    08/13/2014 21:14:42 [INFO] Request for promotion returning 0
    08/13/2014 21:14:42 [INFO] Using supplied domain controller: gptsserver1.gpts.biz
    08/13/2014 21:14:42 [INFO] Using supplied site: Default-First-Site-Name
    08/13/2014 21:14:42 [INFO] Forcing time sync
    08/13/2014 21:14:42 [INFO] Forcing a time sync with gptsserver1.gpts.biz
    08/13/2014 21:14:42 [INFO] Reading domain policy from the domain controller gptsserver1.gpts.biz
    08/13/2014 21:14:42 [INFO] Stopping service NETLOGON
    08/13/2014 21:14:42 [INFO] Stopping service NETLOGON
    08/13/2014 21:14:42 [INFO] ControlService(STOP) on NETLOGON returned 0(gle=1062)
    08/13/2014 21:14:42 [INFO] Exiting service-stop loop after service NETLOGON entered STOPPED state
    08/13/2014 21:14:42 [INFO] StopService on NETLOGON returned 0
    08/13/2014 21:14:42 [INFO] Configuring service NETLOGON to 1 returned 0
    08/13/2014 21:14:42 [INFO] Stopped NETLOGON
    08/13/2014 21:14:42 [INFO] Creating the System Volume C:\Windows\SYSVOL
    08/13/2014 21:14:42 [INFO] Deleting current sysvol path C:\Windows\SYSVOL 
    08/13/2014 21:14:43 [INFO] Preparing for system volume replication using root C:\Windows\SYSVOL
    08/13/2014 21:14:43 [INFO] Created the system volume
    08/13/2014 21:14:43 [INFO] Copying initial Directory Service database file C:\Windows\system32\ntds.dit to C:\Windows\NTDS\ntds.dit
    08/13/2014 21:14:43 [INFO] Installing the Directory Service
    08/13/2014 21:14:43 [INFO] Calling NtdsInstall for gpts2.gpts.biz
    08/13/2014 21:14:43 [INFO] Starting Active Directory Domain Services installation
    08/13/2014 21:14:43 [INFO] Validating user supplied options
    08/13/2014 21:14:43 [INFO] Determining a site in which to install
    08/13/2014 21:14:43 [INFO] Examining an existing forest...
    08/13/2014 21:14:43 [INFO] Configuring the local computer to host Active Directory Domain Services
    08/13/2014 21:14:44 [INFO] EVENTLOG (Informational): NTDS General / Service Control : 1094
    Software write caching for the following disk drive has been disabled to prevent possible data loss during system failures such as power outages or hardware component failures that can cause a sudden shutdown of the system. The disk drive that stores Active
    Directory Domain Services log files is the only drive affected by this change.
    Disk drive:
    c:
    08/13/2014 21:14:55 [INFO] EVENTLOG (Informational): NTDS General / Internal Configuration : 2120
    This Active Directory Domain Services server does not support the Recycle Bin. Deleted objects may be undeleted, however, when an object is undeleted, some attributes of that object may be lost.  Additionally, attributes of other objects that refer to
    the object being undeleted may also be lost.
    08/13/2014 21:14:56 [INFO] Replicating the schema directory partition
    08/13/2014 21:14:56 [INFO] EVENTLOG (Error): NTDS Replication / DS RPC Client : 1963
    Internal event: The following local directory service received an exception from a remote procedure call (RPC) connection. Extensive RPC information was requested. This is intermediate information and might not contain a possible cause.
    Process ID: 
    488
    Reported error information:
    Error value: 
    Access is denied. (5)
    directory service: 
    gptsserver1.gpts.biz
    Extensive error information:
    Error value: 
    Access is denied. 5
    directory service: 
    gptsserver2
    Additional Data
    Internal ID: 
    5000dfc
    08/13/2014 21:14:56 [INFO] EVENTLOG (Error): NTDS Replication / DS RPC Client : 1961
    Internal event: This log entry is a continuation from the preceding extended error information entry on the following error and directory service.
    Extended information:
    Error value: 
    Access is denied. (5)
    directory service: 
    gptsserver2
    Supplemental information:
    Detection location: 
    1461
    Generating component: 
    RPC Runtime
    Time at directory service: 
    2014-08-14 04:14:56
    Additional Data
    Error value: 
    Access is denied. (5)
    08/13/2014 21:14:56 [INFO] EVENTLOG (Error): NTDS Replication / DS RPC Client : 2839
    Internal event: This log entry is a continuation from the preceding extended error information entry.
    Extended information:
    Extended Error Parameters: 
    0
    Parameter 1: 
    (NULL)
    Parameter 2: 
    (NULL)
    Parameter 3: 
    (NULL)
    Parameter 4: 
    (NULL)
    Parameter 5: 
    (null)
    Parameter 6: 
    (null)
    Parameter 7: 
    (null)
    08/13/2014 21:14:56 [INFO] EVENTLOG (Error): NTDS Replication / DS RPC Client : 1962
    Internal event: The local directory service received an exception from a remote procedure call (RPC) connection. Extended error information is not available.
    directory service: 
    gptsserver1.gpts.biz
    Additional Data
    Error value: 
    Access is denied. (5)
    08/13/2014 21:14:56 [INFO] EVENTLOG (Error): NTDS Replication / Setup : 1125
    The Active Directory Domain Services Installation Wizard (Dcpromo) was unable to establish connection with the following domain controller.
    Domain controller:
    gptsserver1.gpts.biz
    Additional Data
    Error value:
    5 Access is denied.
    08/13/2014 21:15:04 [INFO] EVENTLOG (Error): NTDS Replication / DS RPC Client : 1963
    Internal event: The following local directory service received an exception from a remote procedure call (RPC) connection. Extensive RPC information was requested. This is intermediate information and might not contain a possible cause.
    Process ID: 
    488
    Reported error information:
    Error value: 
    Access is denied. (5)
    directory service: 
    gptsserver1.gpts.biz
    Extensive error information:
    Error value: 
    Access is denied. 5
    directory service: 
    gptsserver2
    Additional Data
    Internal ID: 
    5000dfc
    08/13/2014 21:15:04 [INFO] EVENTLOG (Error): NTDS Replication / DS RPC Client : 1961
    Internal event: This log entry is a continuation from the preceding extended error information entry on the following error and directory service.
    Extended information:
    Error value: 
    Access is denied. (5)
    directory service: 
    gptsserver2
    Supplemental information:
    Detection location: 
    1461
    Generating component: 
    RPC Runtime
    Time at directory service: 
    2014-08-14 04:15:04
    Additional Data
    Error value: 
    Access is denied. (5)
    08/13/2014 21:15:04 [INFO] EVENTLOG (Error): NTDS Replication / DS RPC Client : 2839
    Internal event: This log entry is a continuation from the preceding extended error information entry.
    Extended information:
    Extended Error Parameters: 
    0
    Parameter 1: 
    (NULL)
    Parameter 2: 
    (NULL)
    Parameter 3: 
    (NULL)
    Parameter 4: 
    (NULL)
    Parameter 5: 
    (null)
    Parameter 6: 
    (null)
    Parameter 7: 
    (null)
    08/13/2014 21:15:04 [INFO] EVENTLOG (Error): NTDS Replication / DS RPC Client : 1962
    Internal event: The local directory service received an exception from a remote procedure call (RPC) connection. Extended error information is not available.
    directory service: 
    gptsserver1.gpts.biz
    Additional Data
    Error value: 
    Access is denied. (5)
    08/13/2014 21:15:04 [INFO] EVENTLOG (Error): NTDS Replication / Setup : 1125
    The Active Directory Domain Services Installation Wizard (Dcpromo) was unable to establish connection with the following domain controller.
    Domain controller:
    gptsserver1.gpts.biz
    Additional Data
    Error value:
    5 Access is denied.
    08/13/2014 21:15:20 [INFO] EVENTLOG (Error): NTDS Replication / DS RPC Client : 1963
    Internal event: The following local directory service received an exception from a remote procedure call (RPC) connection. Extensive RPC information was requested. This is intermediate information and might not contain a possible cause.
    Process ID: 
    488
    Reported error information:
    Error value: 
    Access is denied. (5)
    directory service: 
    gptsserver1.gpts.biz
    Extensive error information:
    Error value: 
    Access is denied. 5
    directory service: 
    gptsserver2
    Additional Data
    Internal ID: 
    5000dfc
    08/13/2014 21:15:20 [INFO] EVENTLOG (Error): NTDS Replication / DS RPC Client : 1961
    Internal event: This log entry is a continuation from the preceding extended error information entry on the following error and directory service.
    Extended information:
    Error value: 
    Access is denied. (5)
    directory service: 
    gptsserver2
    Supplemental information:
    Detection location: 
    1461
    Generating component: 
    RPC Runtime
    Time at directory service: 
    2014-08-14 04:15:20
    Additional Data
    Error value: 
    Access is denied. (5)
    08/13/2014 21:15:20 [INFO] EVENTLOG (Error): NTDS Replication / DS RPC Client : 2839
    Internal event: This log entry is a continuation from the preceding extended error information entry.
    Extended information:
    Extended Error Parameters: 
    0
    Parameter 1: 
    (NULL)
    Parameter 2: 
    (NULL)
    Parameter 3: 
    (NULL)
    Parameter 4: 
    (NULL)
    Parameter 5: 
    (null)
    Parameter 6: 
    (null)
    Parameter 7: 
    (null)
    08/13/2014 21:15:20 [INFO] EVENTLOG (Error): NTDS Replication / DS RPC Client : 1962
    Internal event: The local directory service received an exception from a remote procedure call (RPC) connection. Extended error information is not available.
    directory service: 
    gptsserver1.gpts.biz
    Additional Data
    Error value: 
    Access is denied. (5)
    08/13/2014 21:15:20 [INFO] EVENTLOG (Error): NTDS Replication / Setup : 1125
    The Active Directory Domain Services Installation Wizard (Dcpromo) was unable to establish connection with the following domain controller.
    Domain controller:
    gptsserver1.gpts.biz
    Additional Data
    Error value:
    5 Access is denied.
    08/13/2014 21:15:52 [INFO] EVENTLOG (Error): NTDS Replication / DS RPC Client : 1963
    Internal event: The following local directory service received an exception from a remote procedure call (RPC) connection. Extensive RPC information was requested. This is intermediate information and might not contain a possible cause.
    Process ID: 
    488
    Reported error information:
    Error value: 
    Access is denied. (5)
    directory service: 
    gptsserver1.gpts.biz
    Extensive error information:
    Error value: 
    Access is denied. 5
    directory service: 
    gptsserver2
    Additional Data
    Internal ID: 
    5000dfc
    08/13/2014 21:15:52 [INFO] EVENTLOG (Error): NTDS Replication / DS RPC Client : 1961
    Internal event: This log entry is a continuation from the preceding extended error information entry on the following error and directory service.
    Extended information:
    Error value: 
    Access is denied. (5)
    directory service: 
    gptsserver2
    Supplemental information:
    Detection location: 
    1461
    Generating component: 
    RPC Runtime
    Time at directory service: 
    2014-08-14 04:15:52
    Additional Data
    Error value: 
    Access is denied. (5)
    08/13/2014 21:15:52 [INFO] EVENTLOG (Error): NTDS Replication / DS RPC Client : 2839
    Internal event: This log entry is a continuation from the preceding extended error information entry.
    Extended information:
    Extended Error Parameters: 
    0
    Parameter 1: 
    (NULL)
    Parameter 2: 
    (NULL)
    Parameter 3: 
    (NULL)
    Parameter 4: 
    (NULL)
    Parameter 5: 
    (null)
    Parameter 6: 
    (null)
    Parameter 7: 
    (null)
    08/13/2014 21:15:52 [INFO] EVENTLOG (Error): NTDS Replication / DS RPC Client : 1962
    Internal event: The local directory service received an exception from a remote procedure call (RPC) connection. Extended error information is not available.
    directory service: 
    gptsserver1.gpts.biz
    Additional Data
    Error value: 
    Access is denied. (5)
    08/13/2014 21:15:52 [INFO] EVENTLOG (Error): NTDS Replication / Setup : 1125
    The Active Directory Domain Services Installation Wizard (Dcpromo) was unable to establish connection with the following domain controller.
    Domain controller:
    gptsserver1.gpts.biz
    Additional Data
    Error value:
    5 Access is denied.
    08/13/2014 21:16:56 [INFO] EVENTLOG (Error): NTDS Replication / DS RPC Client : 1963
    Internal event: The following local directory service received an exception from a remote procedure call (RPC) connection. Extensive RPC information was requested. This is intermediate information and might not contain a possible cause.
    Process ID: 
    488
    Reported error information:
    Error value: 
    Access is denied. (5)
    directory service: 
    gptsserver1.gpts.biz
    Extensive error information:
    Error value: 
    Access is denied. 5
    directory service: 
    gptsserver2
    Additional Data
    Internal ID: 
    5000dfc
    08/13/2014 21:16:56 [INFO] EVENTLOG (Error): NTDS Replication / DS RPC Client : 1961
    Internal event: This log entry is a continuation from the preceding extended error information entry on the following error and directory service.
    Extended information:
    Error value: 
    Access is denied. (5)
    directory service: 
    gptsserver2
    Supplemental information:
    Detection location: 
    1461
    Generating component: 
    RPC Runtime
    Time at directory service: 
    2014-08-14 04:16:56
    Additional Data
    Error value: 
    Access is denied. (5)
    08/13/2014 21:16:56 [INFO] EVENTLOG (Error): NTDS Replication / DS RPC Client : 2839
    Internal event: This log entry is a continuation from the preceding extended error information entry.
    Extended information:
    Extended Error Parameters: 
    0
    Parameter 1: 
    (NULL)
    Parameter 2: 
    (NULL)
    Parameter 3: 
    (NULL)
    Parameter 4: 
    (NULL)
    Parameter 5: 
    (null)
    Parameter 6: 
    (null)
    Parameter 7: 
    (null)
    08/13/2014 21:16:56 [INFO] EVENTLOG (Error): NTDS Replication / DS RPC Client : 1962
    Internal event: The local directory service received an exception from a remote procedure call (RPC) connection. Extended error information is not available.
    directory service: 
    gptsserver1.gpts.biz
    Additional Data
    Error value: 
    Access is denied. (5)
    08/13/2014 21:16:56 [INFO] EVENTLOG (Error): NTDS Replication / Setup : 1125
    The Active Directory Domain Services Installation Wizard (Dcpromo) was unable to establish connection with the following domain controller.
    Domain controller:
    gptsserver1.gpts.biz
    Additional Data
    Error value:
    5 Access is denied.
    John Grace

  • Need help with process for installation of DNS when establishing a child domain in AD forest using Windows Server 2012

    Additional guidance is needed regarding process for configuring DNS and for configuring the server Network settings (IPv4 properties) for installing a child domain. For example, when installing the Root domain, it is recommended to install DNS when installing
    the AD on the forest root. This ensures the proper records are added to DNS for the forest during DC promo. However, when installing the child domain, I'm unsure if a child-domain hosted DNS needs to be pre-installed prior to the child domain install and dcpromo
    or included in the child domain install.
    Second, there is conflicting guidance as to how to set IPV4 properties for the net interface when installing child-domain DNS. Should primary DNS address be 127.0.0.1 or the address of the Root domain DNS? or both?
    Thanks

    Additional guidance is needed regarding process for configuring DNS and for configuring the server Network settings (IPv4 properties) for installing a child domain. For example, when installing the Root domain, it is recommended to install DNS when installing
    the AD on the forest root. This ensures the proper records are added to DNS for the forest during DC promo. However, when installing the child domain, I'm unsure if a child-domain hosted DNS needs to be pre-installed prior to the child domain install and dcpromo
    or included in the child domain install.
    Second, there is conflicting guidance as to how to set IPV4 properties for the net interface when installing child-domain DNS. Should primary DNS address be 127.0.0.1 or the address of the Root domain DNS? or both?
    Thanks

  • Moving domain controller vm between Hyper-V 2012 R2 hosts

    Hello,
    I have one stand alone Hyper-V host - hvserver01 (Hyper-V Server 2012 R2) and 3 VM's running on it. One Virtual machine is our company's additional Domain controller.
    I'm planning to install an additional hyper-v host - hvserver02 (Hyper-V Server 2012 R2) as well.
    I have the following task to perform: I need to move domain controller virtual machine from hvserver01 to hvserver02.
    So, for this operation which tool do i need - move, export/import or something else... ? or it will be necessary to install a new DC and then demote the old one.. ?
    Is there a some special requirements when moving DC from one virtual host to another.. ?
    And also, - MS Hyper-V Server 2012 R2 is installed on both Hyper-V hosts.
    Do you have some advices ?
    Thanks in advance,

    There's no difference between a VM acting as your DC and any other VM as far as live-migration is concerned.
    You should use live-migration. The VM will remain up and running during the entire process. Both Hyper-V hosts should be domain members. They should have vSwitches with the same exact name. They should have same CPU type, or configure CPU compatibility on
    the VM. Configure Live-migration setting on each host. You can use Hyper-V Manager for live-migration..
    Sam Boutros, Senior Consultant, Software Logic, KOP, PA http://superwidgets.wordpress.com (Please take a moment to Vote as Helpful and/or Mark as Answer, where applicable) _________________________________________________________________________________
    Powershell: Learn it before it's an emergency http://technet.microsoft.com/en-us/scriptcenter/powershell.aspx http://technet.microsoft.com/en-us/scriptcenter/dd793612.aspx

  • Windows 2012 Domain Controller: Failed to open the runspace pool. The Server Manager WinRM plug-in might be corrupted or missing

    Hi all,
    We have been battling a problem for the last couple of days when we try to add the first windows server 2012 DC to an already existing Domain.
    The Server installation goes smoothly and we can add the computer to the domain and its all green.
    After we promote the server to a domain controller the WinRM service starts acting up (not responding anymore).
    The server manager console shows Remote Management as disabled, and when we try to enable it via the console or Powershell it freezes up.
    The AD DS part of the console is saying that there are post-promotion tasks that need to be completed but once we click on the task it takes us to the promotion wizard again, that basically complains that: Failed to open the runspace pool. The Server Manager
    WinRM plug-in might be corrupted or missing.
    In the Remote Management Event log we see the following entry: "The client got a timeout from the network layer (ERROR_WINHTTP_TIMEOUT)" Event ID 138
    We are unable to do anything with the server (demote, add roles, remotely manage...). We tryed the following already:
    1. Recreate from scratch
    2. Checking the GPOs to see if there is anything setup about RM -> came up with nothing
    We just ran out of ideas so HELP PLEASE !
    BR
    Tomaz Praprotnik

    Hi Cicely,
    Yes the error from the Windows Remote Management event log contains (I took out the User and FQDN of the Computer):
    Log Name:      Microsoft-Windows-WinRM/Operational
    Source:        Microsoft-Windows-WinRM
    Date:          3/29/2013 1:38:53 PM
    Event ID:      138
    Task Category: Response handling
    Level:         Error
    Keywords:      Client
    User:         
    Computer:     
    Description:
    The client got a timeout from the network layer (ERROR_WINHTTP_TIMEOUT)
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="Microsoft-Windows-WinRM" Guid="{A7975C8F-AC13-49F1-87DA-5A984A4AB417}" />
        <EventID>138</EventID>
        <Version>0</Version>
        <Level>2</Level>
        <Task>10</Task>
        <Opcode>0</Opcode>
        <Keywords>0x4000000000000002</Keywords>
        <TimeCreated SystemTime="2013-03-29T12:38:53.786357100Z" />
        <EventRecordID>6876</EventRecordID>
        <Correlation ActivityID="{18FCFBD2-2B38-0003-D261-FD18382BCE01}" />
        <Execution ProcessID="1084" ThreadID="2924" />
        <Channel>Microsoft-Windows-WinRM/Operational</Channel>
        <Computer></Computer>
        <Security UserID="" />
      </System>
      <EventData>
      </EventData>
    </Event>
    There is also another entry that sometimes comes up:
    Log Name:      Microsoft-Windows-WinRM/Operational
    Source:        Microsoft-Windows-WinRM
    Date:          3/29/2013 1:36:34 PM
    Event ID:      142
    Task Category: Response handling
    Level:         Error
    Keywords:      Client
    User:         
    Computer:     
    Description:
    WSMan operation Invoke failed, error code 2150859046
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="Microsoft-Windows-WinRM" Guid="{A7975C8F-AC13-49F1-87DA-5A984A4AB417}" />
        <EventID>142</EventID>
        <Version>0</Version>
        <Level>2</Level>
        <Task>10</Task>
        <Opcode>2</Opcode>
        <Keywords>0x4000000000000002</Keywords>
        <TimeCreated SystemTime="2013-03-29T12:36:34.076973400Z" />
        <EventRecordID>6869</EventRecordID>
        <Correlation ActivityID="{18FCFBD2-2B38-0001-F328-FD18382BCE01}" />
        <Execution ProcessID="4888" ThreadID="4392" />
        <Channel>Microsoft-Windows-WinRM/Operational</Channel>
        <Computer></Computer>
        <Security UserID="" />
      </System>
      <EventData>
        <Data Name="operationName">Invoke</Data>
        <Data Name="errorCode">2150859046</Data>
      </EventData>
    </Event>
    Best regards
    Tomaz Praprotnik

  • Unable to demote a domain controller

    Hi Everone,
    My primary DC is windows Server 2012 R2 and ADC is windows Server 2008 x64
    I am trying to demote  Windows Server 2008 x64 and i am facing issues.
    when i demote2008 I am getting Error : A Domain Controller could not be contacted for the domain(mydomain.com) that contains
    an account for this computers.Make the computer a member of a workgroup then rejoin the domain before retrying the prmotion.
    The specified domain either doesnot exist or could not be contacted
    When i browse my \\windows2012dc i cannot see sysvol and netlogon shared folders.
    on window2012dc C:\windows\sysvol\mydomain and mydomain folder is empty.(no issues with replication in sites and services and no issues with connectivity or gateway )
    please guide me because i dont want forceful demote.

    I would first recommend taking backups of both DCs before proceeding with any changes.
    Before trying a forced demotion, you can try the following:
    Make sure that both DCs have a single NIC card enabled and only one IP address in use
    Make both DCs point to the other as primary DNS server, their private IP addresses as secondary DNS server and 127.0.0.1 as third one. Once done, run
    ipconfig /registerdns and restart netlogon service
    Disable any security filtering between both DCs and temporary disable security software you use
    If this does not help then you need to proceed with a forced demotion.
    You can then proceed like the following (First, Use dcdiag to check that the Windows Server 2012 R2 DC has no problems apart of the SYSVOL folder and the replication with the other DC):
    Shutdown the DC running Windows Server 2008 (Do not bring it online again without re-installing it later)
    Seize all FSMO roles to your Windows Server 2012 R2 DC if it is not already the current FSMO holder: http://support.microsoft.com/KB/255504
    Do a metadata cleanup to remove the data of the old Windows Server 2008 DC: Use
    dssite.msc to remove its NTDS settings and object over there then use
    dsa.msc to remove its AD account
    Rebuild your SYSVOL tree: http://support.microsoft.com/kb/315457
    This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
    Get Active Directory User Last Logon
    Create an Active Directory test domain similar to the production one
    Management of test accounts in an Active Directory production domain - Part I
    Management of test accounts in an Active Directory production domain - Part II
    Management of test accounts in an Active Directory production domain - Part III
    Reset Active Directory user password

  • How to upgrade Domain Controller 2008 to 2012 on New Server

    Hi All,
    We are planning to upgrade our domain controller and exchange server 2008 to 2012 R2, so can anyone please suggest what step should be taken first. we have new server machine we are planning to install Windows 2012 R2 and create a additional domain controller
    of our existing domain 2008 then transfer the FSMO roles to this server to act as a primary. after successful migration we will upgrade our exchange 2008 to 2012. please advice is there any problem to do this way.
    Thanks
    Agha

    I was just curious about the same thing. However, I am running 32bit version of server 2008 and want to move the server 2012 r2. This will be on a machine with new hardware and all. Am just curious though if it is possible to migrate some of the
    domain as to not to have to replicate everything?
    Directory Services doesn't really care what version of the OS you are using.  You cannot do an in-place upgrade from a 32bit box to a 64bit box.
    You'll need to make your new R2 server, install AD, move the FSMOs, and demote your 2008 32bit box.
    What WOULDN'T you want to replicate?  That's not how AD works.  It's a multimaster enviroment where ALL DCs have the same information.  You can't choose which objects replicate.  To do that, you'll need to clean up your AD.
    Good luck.
    - Chris Ream -
    **Remember, if you find a post that is helpful, or is the answer, please mark it appropriately.**

Maybe you are looking for

  • Lightroom 2.5 very slow

    After upgrade to 2.5, LR seems very sluggish. Below is the data from Help/System Info. Any suggestions? I'm not sure why Virtual Memory Used is so high. Is this a setting I need to change somewhere? Thanks for any suggestions. Lightroom version: 2.5

  • DocumentBuilder.parse when URI requires a login

    Hello. I am trying to read xml from a URL and am succeeding when the URL does not require a login. However, when a login is required, instead of getting the XML, I am getting what an anonymous user who would access the URL through a browser would see

  • Sudden change in appearance of PDF files

    Adobe Acrobat Pro 9 - PDF document starts to display with odd fonts - CAPS are extra large and mixed fonts through document. didn't have this issue before Did a repair, uninstall and install of Reader XI all with reboots inbetween and still no fix. I

  • History of NLE

    Hey folks, I've taken advantage of the current economic downturn/meltdown (delete where applicable) to go back to school and do some postgrad work. (Loving it, can't say I miss the world of "real" work.) I'm interested in the history of non-linear ed

  • Stopping a slide show

    I just downloaded Photos for Mac and did a test drive on the new SlideShow features.    I noticed that it is impossible to stop a slide show once it has been started.   There appear to be no keyboard keys (not escape either) or mouse movements that r